aboutsummaryrefslogtreecommitdiffstats
path: root/secure/lib/libcrypto/man/man3/SSL_CTX_set_stateless_cookie_generate_cb.3
diff options
context:
space:
mode:
authorJung-uk Kim <jkim@FreeBSD.org>2020-03-20 21:43:08 +0000
committerJung-uk Kim <jkim@FreeBSD.org>2020-03-20 21:43:08 +0000
commit737493770cbfb0e6144e7c1eddebbe9160394a0f (patch)
tree041bf5f9d13b214279a3737b71d9ed65826ac7a6 /secure/lib/libcrypto/man/man3/SSL_CTX_set_stateless_cookie_generate_cb.3
parent29b5aa1b8efcee2c420239594c8840a0e465e8dd (diff)
downloadsrc-737493770cbfb0e6144e7c1eddebbe9160394a0f.tar.gz
src-737493770cbfb0e6144e7c1eddebbe9160394a0f.zip
MFC: r359060, r359061, r359066
Merge OpenSSL 1.1.1e.
Notes
Notes: svn path=/stable/12/; revision=359186
Diffstat (limited to 'secure/lib/libcrypto/man/man3/SSL_CTX_set_stateless_cookie_generate_cb.3')
-rw-r--r--secure/lib/libcrypto/man/man3/SSL_CTX_set_stateless_cookie_generate_cb.368
1 files changed, 51 insertions, 17 deletions
diff --git a/secure/lib/libcrypto/man/man3/SSL_CTX_set_stateless_cookie_generate_cb.3 b/secure/lib/libcrypto/man/man3/SSL_CTX_set_stateless_cookie_generate_cb.3
index 24e74e8f4ee5..3c7cfb6555ed 100644
--- a/secure/lib/libcrypto/man/man3/SSL_CTX_set_stateless_cookie_generate_cb.3
+++ b/secure/lib/libcrypto/man/man3/SSL_CTX_set_stateless_cookie_generate_cb.3
@@ -1,4 +1,4 @@
-.\" Automatically generated by Pod::Man 4.11 (Pod::Simple 3.39)
+.\" Automatically generated by Pod::Man 4.11 (Pod::Simple 3.40)
.\"
.\" Standard preamble:
.\" ========================================================================
@@ -133,13 +133,13 @@
.\" ========================================================================
.\"
.IX Title "SSL_CTX_SET_STATELESS_COOKIE_GENERATE_CB 3"
-.TH SSL_CTX_SET_STATELESS_COOKIE_GENERATE_CB 3 "2019-09-10" "1.1.1d" "OpenSSL"
+.TH SSL_CTX_SET_STATELESS_COOKIE_GENERATE_CB 3 "2020-03-17" "1.1.1e" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
-SSL_CTX_set_stateless_cookie_generate_cb, SSL_CTX_set_stateless_cookie_verify_cb \&\- Callback functions for stateless TLS1.3 cookies
+SSL_CTX_set_stateless_cookie_generate_cb, SSL_CTX_set_stateless_cookie_verify_cb, SSL_CTX_set_cookie_generate_cb, SSL_CTX_set_cookie_verify_cb \&\- Callback functions for stateless TLS1.3 cookies
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
.Vb 1
@@ -155,29 +155,63 @@ SSL_CTX_set_stateless_cookie_generate_cb, SSL_CTX_set_stateless_cookie_verify_cb
\& int (*verify_stateless_cookie_cb) (SSL *ssl,
\& const unsigned char *cookie,
\& size_t cookie_len));
+\&
+\& void SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx,
+\& int (*app_gen_cookie_cb) (SSL *ssl,
+\& unsigned char
+\& *cookie,
+\& unsigned int
+\& *cookie_len));
+\& void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx,
+\& int (*app_verify_cookie_cb) (SSL *ssl,
+\& const unsigned
+\& char *cookie,
+\& unsigned int
+\& cookie_len));
.Ve
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
-\&\fBSSL_CTX_set_cookie_generate_cb()\fR sets the callback used by \fBSSL_stateless\fR\|(3)
-to generate the application-controlled portion of the cookie provided to clients
-in the HelloRetryRequest transmitted as a response to a ClientHello with a
-missing or invalid cookie. \fBgen_stateless_cookie_cb()\fR must write at most
-\&\s-1SSL_COOKIE_LENGTH\s0 bytes into \fBcookie\fR, and must write the number of bytes
-written to \fBcookie_len\fR. If a cookie cannot be generated, a zero return value
-can be used to abort the handshake.
+\&\fBSSL_CTX_set_stateless_cookie_generate_cb()\fR sets the callback used by
+\&\fBSSL_stateless\fR\|(3) to generate the application-controlled portion of the cookie
+provided to clients in the HelloRetryRequest transmitted as a response to a
+ClientHello with a missing or invalid cookie. \fBgen_stateless_cookie_cb()\fR must
+write at most \s-1SSL_COOKIE_LENGTH\s0 bytes into \fBcookie\fR, and must write the number
+of bytes written to \fBcookie_len\fR. If a cookie cannot be generated, a zero
+return value can be used to abort the handshake.
+.PP
+\&\fBSSL_CTX_set_stateless_cookie_verify_cb()\fR sets the callback used by
+\&\fBSSL_stateless\fR\|(3) to determine whether the application-controlled portion of a
+ClientHello cookie is valid. The cookie data is pointed to by \fBcookie\fR and is of
+length \fBcookie_len\fR. A nonzero return value from \fBverify_stateless_cookie_cb()\fR
+communicates that the cookie is valid. The integrity of the entire cookie,
+including the application-controlled portion, is automatically verified by \s-1HMAC\s0
+before \fBverify_stateless_cookie_cb()\fR is called.
+.PP
+\&\fBSSL_CTX_set_cookie_generate_cb()\fR sets the callback used by \fBDTLSv1_listen\fR\|(3)
+to generate the cookie provided to clients in the HelloVerifyRequest transmitted
+as a response to a ClientHello with a missing or invalid cookie.
+\&\fBapp_gen_cookie_cb()\fR must write at most \s-1DTLS1_COOKIE_LENGTH\s0 bytes into
+\&\fBcookie\fR, and must write the number of bytes written to \fBcookie_len\fR. If a
+cookie cannot be generated, a zero return value can be used to abort the
+handshake.
.PP
-\&\fBSSL_CTX_set_cookie_verify_cb()\fR sets the callback used by \fBSSL_stateless\fR\|(3) to
-determine whether the application-controlled portion of a ClientHello cookie is
-valid. A nonzero return value from \fBapp_verify_cookie_cb()\fR communicates that the
-cookie is valid. The integrity of the entire cookie, including the
-application-controlled portion, is automatically verified by \s-1HMAC\s0 before
-\&\fBverify_stateless_cookie_cb()\fR is called.
+\&\fBSSL_CTX_set_cookie_verify_cb()\fR sets the callback used by \fBDTLSv1_listen\fR\|(3) to
+determine whether the cookie in a ClientHello is valid. The cookie data is
+pointed to by \fBcookie\fR and is of length \fBcookie_len\fR. A nonzero return value
+from \fBapp_verify_cookie_cb()\fR communicates that the cookie is valid. The
+integrity of the cookie is not verified by OpenSSL. This is an application
+responsibility.
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
Neither function returns a value.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
-\&\fBSSL_stateless\fR\|(3)
+\&\fBSSL_stateless\fR\|(3),
+\&\fBDTLSv1_listen\fR\|(3)
+.SH "HISTORY"
+.IX Header "HISTORY"
+\&\fBSSL_CTX_set_stateless_cookie_generate_cb()\fR and
+\&\fBSSL_CTX_set_stateless_cookie_verify_cb()\fR were added in OpenSSL 1.1.1.
.SH "COPYRIGHT"
.IX Header "COPYRIGHT"
Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.